Coplan has asked for the
wisdom of the Perl Monks concerning the following question:

I have a special bit of perl code that I created and modified over the years. I know it's against the traditions of the whole open source community, but I would like this particular bit of code to be closed.

Is there a way I can compile perl into an executable image much like the way we do with C++ or other languages? Or at least is there a way that I can hide the code from the end-user's eye?

I'll admit that at some early point in time, I too had wanted to "close" a perl-oriented script/program. I did the foresight of reading other people's attempts and saw that it wasn't a really good idea and if I wanted anything "closed", to just write it in C, even though good usage of strings and decompilers can get most of it out. Since then, I've never hid/closed anything I've written and I have gotten much more positive responses on all things I've ever written from those in the open source community. I even provide the source for things written in C, documentation and all.

Bottom line, just share it. You'll find that the responses you'll get are much more open and helpful than if you try to "hide" an interpreted-language-oriented script.

It's like the guy that wanted to write all of his shell scripts in perl. Everything on the system that ran in /bin/sh was converted to /usr/bin/perl...which promptly failed because /usr isn't mounted at boot time and hence, no perl binary is available. Just because it sounds like a good idea, doesn't mean it's anywhere near a good idea.

I seriously doubt there is anything you have written that is worthy of needing such "closing". And if there truly is, then you should be writing a paper ( or even book ) about it, speaking on it and then getting massive contracts because somebody saw your brilliant piece of Perl code -- they can't do that if it is "closed".

I think you guys have all mostly been a little unfair. It is usually the commercial and legal people that want to protect the code. If you invest all that money in patenting some code to stop people copying it then they are gonna want to invest money in technically stopping people copying it.

I have personally seen big companies reject systems because they were written in Perl for this reason.

Programmers have to be paid for their work and companies have to protect theirs investments. Stopping people copying years of hard toil can sometimes be the only way to stop the unscrupulous

licensing is often poitnless as I have also seen companies abuse and sell open source software as their own

I have personally seen big companies reject systems because they were written in Perl for this reason.

True. On the other hand I have also seen companies reject systems because they do not have access to the source. Depends on the client. Depends on the job.

Languages like Perl and Java running on a relatively high level VM are far easier to de-compile than something that compiles down to machine code. So, don't use them for projects when simple access to the source code is an issue. Any "compilers" or "obfu" generators that leave the VM code around are pretty trivial to get around.

Personally, I do the vast majority of my commercial work in areas where access to the source isn't an issue - indeed it is usually required.

Apparently the poster wants to close his source to make money from it. That's his perfectly good right to do. The problem is that he's asking how to do that in a forum which thrives on openness. If you're stupid enough to do that, you deserve to get flamed. Especially if he doesn't even do some research on this site which would have learned him that asking questions about ways to close the source is a no-no.

So, if he wants to close the source to make money off of that particular piece of code, he wouldn't mind shelling out some money to achieve that goal, right? Well, whaddayknow!
Take a look at Stunnix Perl-obfus. Perfectly unreadable code for only $879! Seems like a bargain to me.

I have personally seen big companies reject systems because they were written in Perl for this reason.

And it's an extremely valid, if not the most valid, reason to do so. Companies exist to make money. If you want otherwise, go work for a charity. You simply aren't going to make as much (if any) by releasing the source and letting everyone do as they please with it. If you can't understand this basic concept, I recommend you stick to programming and never get into management (heaven, I know ;).

How does protecting the source code of the program protect it from being copied? The protection comes through legal means like licenses and patents. Anyone that just wants the binaries, will just copy those. Anyone that wants the algorithm, can disassemble the machine code. Perl just makes it easier to figure what is going on. Anyone who isn't afraid of legal means won't be stopped by an obfuscator.

In some ways, Perl source could be better from a legal standpoint because it is explicitly available. The competitor who looks at your product has a harder time proving they didn't look at the source code because it was sitting right there on their hard drive. With a binary C program, they can claim legitimate reverse engineering. It is also likely that their source will be written new using the algorithm and concepts. With Perl, they are more likely to get caught copying the source directly and producing a derived work. Then your attack laways take them to court and win the big bucks.

I think I mentioned two or three times in response to similar posts the possibility of not giving the client the entire program, and running an ASP style service which would give them a key or the rest of the program over the net once they have paid.

This guy may have something which a client is willing to buy but it is based on a really simple algorithm or even someone else's module which he cannot justify the hours on. Anyway it gets asked alot because:

1) it is a difficult problem, regardless of the "why do you want to make it secret" crowd, and also because

2) it must not be answered in an easy to find library on PM since everyone keeps responding to the darned question!

Anyway I wouldn't mind seeing people's experience with perlcc/perl2exe tools to hear about those tools' limitations/abilities. In particular I'd like to see what they would do to a PerlWx type application and if it could be made into a single app without requiring a perl interpreter. Here my interest is not obfuscation, but quick gui-based product development.